How Distil Strengthens Advertiser Relationships for Real Good Media by Blocking Non-Human Traffic

We’re a boutique digital agency with deep expertise in ad operations and traffic management. Clients such as Entrepreneur, Heavy, Sony Pictures Entertainment, and Dailymotion depend on us to understand the shifting landscape of media buying, which increasingly includes bot and adware / malware detection.

I recently received a notice from one of my customer’s advertisers alleging suspicious clicks. Below is the true story of how I resolved this digital ad fraud notice using Distil Networks.

It all started with suspicious clicks

I recently received an email from an advertiser for one of my customer’s sites telling me that their digital ad fraud auditing firm was seeing a large number of suspicious clicks coming from unexpected places. The email also notified us that they were commencing an in-depth review of the account and associated traffic and logs. In addition to wanting our own assessment of the traffic related to their account, they also requested view-only access to our analytics, and that we remove all their tags from our sites during the course of the investigation. As you can imagine, this was rather worrying, as this advertiser contributes a significant amount of revenues for my customer.

We did as they asked, and assured them that all traffic is filtered through Distil Networks, aggressively blocking non-human traffic. And because of our relationship with Distil, we were able to provide them with a significant amount of drill-down information as to what was happening with their traffic.

How Distil reports helped save the day

I’ve reproduced a few of the reports we were able to supply to the advertiser below, with the account name blocked out for reasons of privacy and confidentiality:

Seven-day traffic overview

Threats by organization

The next screenshot shows exactly who was blocked from coming to the site, starting with our basic policy of blocking 100% of traffic coming from virtual private servers. We were also able to reassure them that we had worked with Distil to specifically block traffic from Amazon, Colocrossing, Google Cloud, and Microsoft Azure – which meant that any bad guys spinning up bot servers on public cloud platforms would not be able to throw brute force or other account-cracking attacks at our clients.

And here’s a one-day snapshot of threats by organization:

Note in particular the highlight on the first entry, Nobis Technology. This is a data center that probably cycles through tens of thousands of IP addresses; using Distil’s service has enabled us to block over 3.6 million IP addresses every day.

Trap analysis

This screen identifies the threats that are blocked, as well as who they’re coming from. This particular illustration is a seven-day snapshot, but we could have picked any date or date range, which helps us to show how patterns develop over time (behavior patterns are a key part of how Distil distinguishes good bot traffic from bad). The filtered IP tab is also open here to show exactly what and who has been blocked.

Audit log

This screen is specific to the advertiser’s placement within their DFP account and makes it very easy to see exactly what attempts were blocked by Distil.

User Captcha

If we find that a user – human or not – has gone down through a certain number of pages, we insert a CAPTCHA into the user journey. Yes, it’s a risk to do this – most users really don’t like CAPTCHAs – but click integrity is so important to Real Good Media's customers that we think it’s a risk worth taking. The text on the screen is customizable, so it’s relatively easy for us to tune the message to the tolerance levels and expectations of genuine human users.

We also block Integral Ad Science (IAS), DoubleVerify, Forensiq, and Mediatrust. We don’t subscribe to their services, so they have no need to ping our sites. While this can cause problems of “unknown traffic” reports, it’s another calculated risk that my customer was prepared to take. And we try to block as much IE traffic as possible, because that’s the platform most bots use. But we can’t block everything – IE still has plenty of legitimate users, and their needs must also be respected.

Reduced bot traffic to less than 3%

Anyone who’s spent any time in the information security space knows that there is no silver bullet, and 100% security is simply not feasible (unless you never turn on your device or connect to the internet!). We still see a small amount of bot traffic, mostly in the sub 3% range – which is pretty good when you consider that most commercial websites see more than 60% non-human traffic.

Advertiser had “never seen such in-depth reporting”

Trust is critical to our customer’s business, and Distil has enabled us to prove to this advertiser that we’re more than worthy of their trust. By nearly eliminating non-human traffic, Distil Networks has ensured that the ad interactions across my customer’s site is high quality and human. The advertiser that filed the fraud inquiry said they’d never seen such in-depth reporting and needless to say, they remain a happy advertiser to this day.

Comparisons

Distil

Contact

Distil Networks protects mission-critical websites, mobile apps, and APIs from automated threats without affecting the flow of business-critical traffic. We defend customers against web scraping, account takeover, transaction fraud, denial of service, competitive data mining, unauthorized vulnerability scans, spam, click fraud, and web and mobile API abuse. Only Distil’s unique, more holistic approach provides the vigilant service, superior technology, and industry expertise needed for full visibility and control over human, good bot, and bad bot traffic. As their ally in the war against bots, we provide customers with vigilant and dedicated support so that when they’re under attack, there is a team of experts ready to help. With Distil, there is finally a defense against automated attacks that is as adaptable and vigilant as the threat itself.

Under Attack? We can help with an expedited response!

By continuing to browse this or by clicking “Accept Cookies,” you agree to the storing of first- and third-party cookies on your device for the reasons specified in our Cookie Policy.